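# Namespace that every other object in this file is created in.
# Values of the form {{.NAME}} are template placeholders; they have to be
# substituted before the text is parsed as YAML.
apiVersion: v1
kind: Namespace
metadata:
  name: {{.FEDERATION_NAMESPACE}}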
---
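# Service in front of the federation API server pods.
apiVersion: v1
kind: Service
metadata:
  name: {{.FEDERATION_APISERVER_DEPLOYMENT_NAME}}
  namespace: {{.FEDERATION_NAMESPACE}}
  labels:
    app: federated-cluster
  annotations:
    # Hostname to publish for this Service; the same value is passed to the
    # API server as --external-hostname.
    dns.alpha.kubernetes.io/external: {{.EXTERNAL_HOSTNAME}}
spec:
  # LoadBalancer publishes the API server's HTTPS port outside the cluster.
  # NOTE(review): no loadBalancerSourceRanges is set here, so any restriction
  # on which clients can reach port 443 has to be enforced elsewhere
  # (cloud firewall / security groups) - confirm that it is.
  type: LoadBalancer
  # Both labels must match, so only the apiserver pods are selected and not
  # the controller-manager, which shares the app label.
  selector:
    app: federated-cluster
    module: federation-apiserver
  ports:
    # Only the TLS port is exposed; the pod's port 8080 is not part of this
    # Service.
    - name: https
      protocol: TCP
      port: 443
      targetPort: 443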
---
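# Storage claim for the etcd data directory of the federation API server.
# The API server Deployment in this file mounts it through the volume named
# "varetcd".
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: {{.FEDERATION_APISERVER_DEPLOYMENT_NAME}}-etcd-claim
  annotations:
    # Alpha-era storage-class annotation. The value is quoted so that it stays
    # the string "yes" instead of being read as a boolean.
    volume.alpha.kubernetes.io/storage-class: "yes"
  namespace: {{.FEDERATION_NAMESPACE}}
  labels:
    app: federated-cluster
spec:
  # Single-node read/write access.
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 10Gi
  # NOTE(review): this volume holds the federation control plane's state.
  # Nothing in the claim requests encryption at rest; whether the backing
  # volume is encrypted depends on the provisioner - confirm.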
---
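# Federation API server: one pod with the API server and its etcd sidecar.
#
# NOTE(review): extensions/v1beta1 Deployments stopped being served in
# Kubernetes 1.16; this manifest only applies to clusters older than that.
# NOTE(review): neither container sets a securityContext, resource
# requests/limits or health probes.
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: {{.FEDERATION_APISERVER_DEPLOYMENT_NAME}}
  namespace: {{.FEDERATION_NAMESPACE}}
  labels:
    app: federated-cluster
spec:
  template:
    metadata:
      name: federation-apiserver
      # These two labels are what the Service selector in this file matches.
      labels:
        app: federated-cluster
        module: federation-apiserver
    spec:
      containers:
        - name: apiserver
          image: {{.FEDERATION_APISERVER_IMAGE_REPO}}:{{.FEDERATION_APISERVER_IMAGE_TAG}}
          command:
            - /hyperkube
            - federation-apiserver
            # Listens on every interface of the pod.
            - --bind-address=0.0.0.0
            # Plain HTTP to etcd. The endpoint is localhost, i.e. the etcd
            # sidecar in the same pod, so the traffic stays on pod loopback.
            - --etcd-servers=http://localhost:2379
            - --service-cluster-ip-range={{.FEDERATION_SERVICE_CIDR}}
            - --secure-port=443
            - --external-hostname={{.EXTERNAL_HOSTNAME}}
            # Every credential file below is read from the read-only secret
            # mount at /srv/kubernetes/.
            - --client-ca-file=/srv/kubernetes/ca.crt
            # NOTE(review): static password file. The credentials are
            # long-lived and are protected only by the Secret's access
            # controls - prefer client certificates where possible.
            - --basic-auth-file=/srv/kubernetes/basic-auth.csv
            - --tls-cert-file=/srv/kubernetes/server.cert
            - --tls-private-key-file=/srv/kubernetes/server.key
            - --admission-control={{.FEDERATION_ADMISSION_CONTROL}}
            # NOTE(review): static bearer-token file. As with kube-apiserver,
            # rotating a token presumably means updating the Secret and
            # restarting the pod - confirm.
            - --token-auth-file=/srv/kubernetes/known-tokens.csv
          ports:
            - containerPort: 443
              name: https
            # NOTE(review): 8080 is presumably the API server's
            # unauthenticated local port. Declaring a containerPort does not
            # restrict access; confirm that the listener is bound to loopback
            # only. No flag in the command above sets its bind address.
            - containerPort: 8080
              name: local
          volumeMounts:
            - name: federation-apiserver-secrets
              mountPath: /srv/kubernetes/
              readOnly: true
        - name: etcd
          # NOTE(review): pinned by tag, not by digest; a tag can be moved to
          # different image content in the registry.
          image: quay.io/coreos/etcd:v2.3.3
          # No listen/advertise or TLS flags are passed, so etcd runs with its
          # defaults. NOTE(review): confirm that the client endpoint is only
          # reachable over loopback and not from other pods.
          command:
            - /etcd
            - --data-dir
            - /var/etcd/data
          volumeMounts:
            - mountPath: /var/etcd
              name: varetcd
      volumes:
        # TLS key pair, client CA and the static credential files.
        - name: federation-apiserver-secrets
          secret:
            secretName: federation-apiserver-secrets
        # Persistent etcd data, backed by the claim defined in this file.
        - name: varetcd
          persistentVolumeClaim:
            claimName: {{.FEDERATION_APISERVER_DEPLOYMENT_NAME}}-etcd-claim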
---
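# Federation controller manager.
#
# NOTE(review): extensions/v1beta1 Deployments stopped being served in
# Kubernetes 1.16; this manifest only applies to clusters older than that.
# NOTE(review): the container sets no securityContext, resource
# requests/limits or health probes.
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: {{.FEDERATION_CONTROLLER_MANAGER_DEPLOYMENT_NAME}}
  namespace: {{.FEDERATION_NAMESPACE}}
  labels:
    app: federated-cluster
spec:
  template:
    metadata:
      name: federation-controller-manager
      labels:
        app: federated-cluster
        module: federation-controller-manager
    spec:
      volumes:
        # The node's CA bundle directory. hostPath volumes expose part of the
        # node filesystem to the pod; the mount below is read-only.
        - name: ssl-certs
          hostPath:
            path: /etc/ssl/certs
      containers:
        - name: controller-manager
          volumeMounts:
            - name: ssl-certs
              readOnly: true
              mountPath: /etc/ssl/certs
          image: {{.FEDERATION_CONTROLLER_MANAGER_IMAGE_REPO}}:{{.FEDERATION_CONTROLLER_MANAGER_IMAGE_TAG}}
          command:
            - /hyperkube
            - federation-controller-manager
            # Reaches the federation API server over TLS through its Service
            # name. NOTE(review): no kubeconfig or credential flag is passed
            # here, so how this client authenticates, and which CA it uses to
            # verify the server certificate, is not visible in this
            # manifest - confirm.
            - --master=https://{{.FEDERATION_APISERVER_DEPLOYMENT_NAME}}:443
            - --dns-provider={{.FEDERATION_DNS_PROVIDER}}
            # NOTE(review): if the provider config carries DNS API
            # credentials, it should come from a Secret and not from the pod
            # spec - confirm what this placeholder renders to.
            - --dns-provider-config={{.FEDERATION_DNS_PROVIDER_CONFIG}}
            - --federation-name={{.FEDERATION_NAME}}
            - --zone-name={{.DNS_ZONE_NAME}}
          # NOTE(review): no flag above configures a listener on these ports;
          # confirm that the declarations are needed.
          ports:
            - containerPort: 443
              name: https
            - containerPort: 8080
              name: local
          env:
            # The pod's own namespace, injected from pod metadata.
            - name: POD_NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace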